package com.ophiux.auth.support.core;

import com.ophiux.auth.support.handler.FormAuthenticationFailureHandler;
import com.ophiux.auth.support.handler.SsoLogoutSuccessHandler;
import com.ophiux.auth.support.handler.TenantSavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;

/**
 * @desc: 基于授权码模式 统一认证登录 spring security & sas 都可以使用 所以抽取成 HttpConfigurer
 * @author: hhl
 * @date：2023/11/22 16:47
 */
public final class FormIdentityLoginConfigurer extends AbstractHttpConfigurer<FormIdentityLoginConfigurer, HttpSecurity> {

    @Override
    public void init(HttpSecurity http) throws Exception {
        http.formLogin(formLogin -> {
                    //登录访问controller路径
                    formLogin.loginPage("/token/login");
                    //表单提交地址
                    formLogin.loginProcessingUrl("/token/form");
                    //表单提交失败处理
                    formLogin.failureHandler(new FormAuthenticationFailureHandler());
                    //表单提交成功处理
                    formLogin.successHandler(new TenantSavedRequestAwareAuthenticationSuccessHandler());
                    //登录成功后跳转界面
//			        formLogin.defaultSuccessUrl("/token/login?error=login success");
                }).logout()
                // SSO登出成功处理
                .logoutSuccessHandler(new SsoLogoutSuccessHandler()).deleteCookies("JSESSIONID")
                .invalidateHttpSession(true).and().csrf().disable();
    }
}
